class Google::Cloud::Storage::PolicyV1

= [“allUsers”]
p.add “roles/storage.admin”, “user:newowner@example.com”
p.remove “roles/storage.admin”, “user:owner@example.com”
p.version # the value is 1
bucket.policy do |p|
bucket = storage.bucket “my-bucket”
storage = Google::Cloud::Storage.new
require “google/cloud/storage”
@example
for a listing of values and patterns for members.
setIamPolicy](cloud.google.com/storage/docs/json_api/v1/buckets/setIamPolicy)
listing of primitive and curated roles. See [Buckets:
Roles](cloud.google.com/iam/docs/understanding-roles) for a
associates roles with arrays of members. See [Understanding
@attr [Hash] roles Returns the version 1 bindings (no conditions) as a hash that
without the ‘requested_policy_version` keyword argument.
obtain instances of this class, call {Google::Cloud::Storage::Bucket#policy}
{Google::Cloud::Storage::Bucket#policy} with `requested_policy_version: 3`. To
syntax, use {Google::Cloud::Storage::PolicyV3} instead by calling
raise a runtime error. To update the Policy version and add bindings with a newer
and related helpers. Attempts to call {#bindings} and {#version=} will
A subclass of {Google::Cloud::Storage::Policy} that supports access to {#roles}
#

def self.from_gapi gapi

Other tags:

Private

def self.from_gapi gapi
  roles = Array(gapi.bindings).each_with_object({}) do |binding, memo|
    memo[binding.role] = binding.members.to_a
  end
  new gapi.etag, gapi.version, roles
end

def add role_name, member

Parameters:

member (String) -- A Cloud IAM identity, such as
role_name (String) -- A Cloud IAM role, such as

def add role_name, member
  role(role_name) << member
end

def bindings

Raises:

(RuntimeError) - If called on this class.

Other tags:

Private

def bindings
  raise "Illegal operation unless using PolicyV3. Use #roles instead."
end

def deep_dup

Returns:

(Policy) -

Deprecated:

Because the latest policy is now always retrieved by

def deep_dup
  warn "DEPRECATED: Storage::PolicyV1#deep_dup"
  dup.tap do |p|
    roles_dup = p.roles.transform_values do |v|
      v.dup rescue value
    end
    p.instance_variable_set :@roles, roles_dup
  end
end

def initialize etag, version, roles

Other tags:

Private

def initialize etag, version, roles
  super etag, version
  @roles = roles
end

def remove role_name, member

Parameters:

member (String) -- A Cloud IAM identity, such as
role_name (String) -- A Cloud IAM role, such as

def remove role_name, member
  role(role_name).delete member
end

def role role_name

Returns:

(Array) - The members strings, or an empty array.

def role role_name
  roles[role_name] ||= []
end

def roles_to_gapi

def roles_to_gapi
  roles.keys.map do |role_name|
    next if roles[role_name].empty?
    Google::Apis::StorageV1::Policy::Binding.new(
      role: role_name,
      members: roles[role_name].uniq
    )
  end
end

def to_gapi

Other tags:

Private

def to_gapi
  Google::Apis::StorageV1::Policy.new(
    etag: etag,
    version: version,
    bindings: roles_to_gapi
  )
end

def version=(*)

Raises:

(RuntimeError) - If called on this class.

Other tags:

Private

def version=(*)
  raise "Illegal operation unless using PolicyV3."
end

Instance Methods

Defined in

lib/google/cloud/storage/policy.rb

Modules

Classes

class Google::Cloud::Storage::PolicyV1

def self.from_gapi gapi

def add role_name, member

def bindings

def deep_dup

def initialize etag, version, roles

def remove role_name, member

def role role_name

def roles_to_gapi

def to_gapi

def version=(*)

Namespace

Parent class

Class Methods

Instance Methods

Defined in